SSL secure browsing - attack tree Mindmap

Ian Grigg iang at
Sun May 16 11:37:25 EDT 2004

-------- Original Message --------
Subject: Financial Cryptography Update: SSL secure browsing - attack tree Mindmap


Here is a /work in progress/ Mindmap on the threats to the secure
browsing process.

The mindmap purports to be an attack tree, which is a technique to
include and categorise all possible threats to a process.  An attack
tree is one possible aid to constructing a threat model, which latter
is a required step to constructing a security model.  The mindmap
supports another /work in progress/ on threat modelling for secure
browsing at for the
Mozilla project.

(The secure browsing security model uses SSL as a protocol and the
Certificate Authority model as the public key authentication regime,
all wrapped up in HTTPS within the browser.  Technically, the protocol
and key regime are separate, but in practice they are joined at the
hip, so any security modelling needs to consider them both.  SSL - the
protocol part - has been widely scrutinised and has evolved to what is
considered a secure form.  In contrast the CA model has been widely
criticised, and has not really evolved since its inception.  It remains
the weak link in security.

As part of a debate on how to address the security issues in secure
browsing and other applications that use SSL/CA such as S/MIME, the
threat model is required before we can improve the security model.
Unfortunately, the original one is not much use, as it was a
theoretical prediction of the MITM that did not come to pass.)

Powered by Movable Type
Version 2.64

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list